Superfish is a pre-installed adware that Lenovo installed on laptop computers over the past two years. Superfish (Superfish Visual Discovery) is a security flaw that
could reveal users shopping, credit card information, personal data, email, and other
online activity. Superfish image algorithm might not be the security risk. The
software that Superfish used from other companies can eavesdrop when internet users
visit secure or encrypted websites. The software replaces the encrypted code on
websites with its own. Homeland Security issued an alert that Lenovo customers
should remove Superfish due to hacking dangers.

Microsoft Windows Defender has removed Superfish certificate entirely in hopes to
prevent Superfish from running on Windows. Although this is not a guarantee it
will help those who were not aware of Superfish or how to remove it. Hopefully
Firefox will follow suit because the certificate is still in place on Firefox.

Click LastPass to access the LastPass tool to see if you have Superfish installed on your computer. The LastPass website will tell you if your computer is Safe or Affected. If your computer is Affected you will be provided instructions on how to remove and uninstall.

Lenovo released the following statement: “In reality, we had customer complaints about the software. We acted swiftly and decisively once these concerns began to be raised. We apologize for causing any concern to any users for any reason.

Lenovo also stated “To be clear: Lenovo never installed this software on any ThinkPad notebooks, nor any desktops, tablets, smartphones or servers.

Today Target confirmed that about 40 million credit and debit card accounts may have been impacted between Nov. 27 and Dec 15 2013.

Investigators believe that software install on machines that customers use to swipe the magnetic strips on their cards is how the data was obtained.

“Target alerted authorities and financial institutions immediately after it was made aware of the unauthorized access, and is putting all appropriate resources behind these efforts,” the chain said in a statement. “Among other actions, Target is partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident.”

Target Corp. advised customers to check their statements carefully. Those who suspect there has been unauthorized activity on their cards should report it to their credit card companies and call Target at 866-852-8680. Cases of identity theft can also be reported to law enforcement or the Federal Trade Commission.

Zendesk was attacked. Zendesk offers help desk software support and also provides customer support for companies. Twitter, Tumblr, and Pinterest are the affected companies so far.

Zendesk CEO Mikkel Svanesaid said, the hack occurred this week, as soon as they were knowledgeable of the attacked they patched the vulnerability. He also stated, “Our ongoing investigation indicates that the hacker had access to the support information that three of our customers store on our system.” “We believe that the hacker downloaded email addresses of users who contacted those three customers for support, as well as support email subject lines. We notified our affected customers immediately.”

NBC.com was compromised, an iframe was modified which allowed content to load from another website. NBC joins the list of other websites to be attached recently: Apple, Facebook, Twitter, and Burger King. Facebook and Google blocked users from accessing NBC, Facebook did not allow users to post NBC links on its website.

Other NBC websites were attacked as well such as Late Night with Jimmy Fallon and Jay Leno’s Garage.

NBC identified and resolved the RedKit malware. Security experts warn visitors that the site may have infected their computer with the RedKit malware.

The RedKit malware was first publicly identified last May, it targets vulnerabilities in applications such as Java and Adobe Reader.

Kaspersky Lab discovered that the mobile app Sketchy is designed to infect PCs. The app is located in Google Play, the platform where Android apps are sold.

Sketchy poses as a cleaner called DroidCleaner; Once the three files, autorun.inf, folder.ico and svchosts.exe are installed, executed, and connected to your smartphone the svchosts.exe malware takes control of your PC microphone, records you and sends your recording back to the attacker.

The malware on your phone can send SMS messages, Delete SMSs, enable WI-Fi, uploads files, open links and more. For more Click Here